Chakra Type Confusions - PoCs of Edge's legacy JS engine vulnerabilities that inject code into the JIT process
ommadawn46/chakra-type-confusions
Chakra Type Confusions

This repository contains PoCs for type confusion vulnerabilities in the ChakraCore engine used by Microsoft Edge (EdgeHTML version, not Chromium-based Edge).

The PoCs inject dummy code (specifically an int 3 instruction followed by a nop) into the Just-In-Time (JIT) compilation process.

To verify a PoC, attach a debugger to the JIT compilation process (one of the MicrosoftEdgeCP.exe processes) and then run the PoC.

Tested Environment

  • Windows 10 Version 1703 (OS Build 15063.0)

Type Confusion Vulnerabilities

References